#Cybersecurity #Trends for #2015


It’s 2015, and once again I’m going to take a look at what I think will be the trends in cybersecurity for 2015. I’m going to focus on all of them all at once this time, instead of an individual post devoted to each, since it took me so long to do that in 2014. Here they are, in no particular order:

SSL Visibility
I’m biased in this one, as my company is one of the only providers for a solution for this (any others you see are white-labeled versions of ours currently), but responsible SSL visibility is coming. Essentially this means that corporations are going to start decrypting, analysing, and re-encrypting SSL traffic coming into or leaving their networks. The reasons for this are simple – they’ll need to know what’s in the traffic. SSL traffic is only increasing in volume; more importantly, malware uses encryption whenever possible.

The “responsible” portion refers to the idea of only analyzing the appropriate SSL traffic. There’s a distinct difference between analysing an SSL stream to a .ro domain v. analysing the SSL traffic to citibank.co.uk. Companies already have the tools to make this distinction, and they will be applied more broadly in the coming year. This will allow them to protect against risks while at the same time not spying on people’s banking or medical SSL traffic, which should be legitimately encrypted.

Increased Encryption & Flight from US Datacentres
Sites like Google and Yahoo! are already increasing their encryption, making them end-to-end. Where corporations can, this trend will continue. Additionally, people will continue to seek alternatives to the US-controlled, NSA-snooped internet. I’ve already moved all my sites from the US. Other companies are looking to do the same. Brazil is even looking to create an underwater cable connecting itself to Portugal to bypass US internet links.

Smartphone/Device Digital Forensics
As more and more BYOD occurs, we’re going to see more and more need for digital forensics for things like smartphones and tablets. While this is not a new thing per se, something on the order of 3 BILLION people are due to start coming online, many of them skipping the laptop and going straight to mobile/tablet. As this becomes more prevalent in the workplace as well, there will be needs to cover such devices with Acceptable Use Policies (AUPs), and we’ll find that whether company provided or not, people’s mobile devices will be finding them imaged and the digital evidence used for one reason or another.

Malware authors will also find that such devices, while not ideal platforms for running malware, will be so ubiquitous and constantly connected that they’ll start to really use mobile platforms for the spread of malware.

TOR Hardening/Replacement/Upgrades
The Onion Router, or TOR, is currently the only way to get you to those .onion addresses on the dark web. There are efforts by law enforcement and governments to find ways to exploit the weaknesses in TOR so as to monitor what people do on the dark web, and this trend will continue. An opposing trend will emerge that will see those weaknesses as they exist mitigated whenever possible. Alternative solutions may also complement/arise, as in the case of Tribler. The glorious agonist future will continue its its fabian crawl to meet the present.

Bitcoin Continues its Dominance; Ethereum Starts Making Waves
In the area of cryptocurrencies, Bitcoin will continue to dominate. While other currencies (Litecoin, Dogecoin) will still be around, Bitcoin will continue to be centre stage, and will continue to be the choice in ransoms demanded. Ethereum will start to be more important. It won’t supplant Bitcoin but will coexist and extend the ecosystem. It will face its first tests as a mature technology (when it gets there in 2015) and security around distributed contract technology will become a focus.

Biohacking Gets Security Safeguards
As more and more people start to join the Quantified Self movement, there will be an explosion of data gathered for individuals, and this will need to be safeguarded. Additionally, implants and other wireless assistive technologies will need to skip the “1nt3rn3t c0nn3ct1vty is 1337!” stage and have relevant security built in. No one wants the wireless controller in their artificial leg hacked with AirCrack, and manufacturers/3d printers of said technologies will have to enable smart, resilient technologies for security where needed.

Rich Data Science Applied to Emerging Threats
After the Target hack, it became clear that the folks on their security team were receiving alerts, but essentially ignored them. It’s not going to be good enough to have people monitoring everything. We’re going to see artificial intelligence start getting applied to larger and larger amounts of monitoring data so as to remove humans where possible, and make those still involved more responsible. “Big Data” is all well and good, but if you don’t have any way to make sense of it, you may as well not even have it.